Commit dbd9bbfd authored by Jacob Vosmaer's avatar Jacob Vosmaer

Improve raven header blacklisting

parent 0a5245e5
...@@ -3,11 +3,15 @@ package helper ...@@ -3,11 +3,15 @@ package helper
import ( import (
"net/http" "net/http"
"reflect" "reflect"
"strings"
"github.com/getsentry/raven-go" "github.com/getsentry/raven-go"
) )
var ravenHeaderBlacklist = []string{
"Authorization",
"Private-Token",
}
func captureRavenError(r *http.Request, err error) { func captureRavenError(r *http.Request, err error) {
client := raven.DefaultClient client := raven.DefaultClient
...@@ -29,9 +33,13 @@ func captureRavenError(r *http.Request, err error) { ...@@ -29,9 +33,13 @@ func captureRavenError(r *http.Request, err error) {
} }
func CleanHeadersForRaven(r *http.Request) { func CleanHeadersForRaven(r *http.Request) {
if auth := r.Header.Get("Authorization"); auth != "" { if r == nil {
if authSplit := strings.Split(auth, " "); authSplit != nil { return
r.Header.Set("Authorization", authSplit[0]+" [redacted]") }
for _, key := range ravenHeaderBlacklist {
if r.Header.Get(key) != "" {
r.Header.Set(key, "[redacted]")
} }
} }
} }
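Review bot: `ravenHeaderBlacklist` lists `Authorization` and `Private-Token` but not `Cookie`, so a session cookie on the failing request would still be in the headers handed to raven; consider adding `"Cookie",` to the list. raven-go may also record cookies in a separate field of its HTTP interface, so confirm that rewriting the header is enough. In `CleanHeadersForRaven`, `r.Header.Get(key) != ""` inspects only the first value, so a repeated header whose first value is empty is left untouched; `if len(r.Header[http.CanonicalHeaderKey(key)]) > 0 {` tests presence instead. The function also deserves a doc comment, e.g. `// CleanHeadersForRaven redacts credential-bearing headers on r in place; call it only once the request will no longer be proxied.` The body of `captureRavenError` lies outside the visible hunks, so whether it calls the cleaner before capturing cannot be checked here.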
...@@ -25,8 +25,6 @@ import ( ...@@ -25,8 +25,6 @@ import (
"time" "time"
"gitlab.com/gitlab-org/gitlab-workhorse/internal/upstream" "gitlab.com/gitlab-org/gitlab-workhorse/internal/upstream"
"github.com/getsentry/raven-go"
) )
// Current version of GitLab Workhorse // Current version of GitLab Workhorse
...@@ -91,11 +89,6 @@ func main() { ...@@ -91,11 +89,6 @@ func main() {
}() }()
} }
// Use a custom environment variable (not SENTRY_DSN) to prevent
// clashes with gitlab-rails.
raven.SetDSN(os.Getenv("GITLAB_WORKHORSE_SENTRY_DSN"))
raven.DefaultClient.SetRelease(Version)
up := wrapRaven( up := wrapRaven(
upstream.NewUpstream( upstream.NewUpstream(
backendURL, backendURL,
...@@ -109,7 +102,3 @@ func main() { ...@@ -109,7 +102,3 @@ func main() {
log.Fatal(http.Serve(listener, up)) log.Fatal(http.Serve(listener, up))
} }
func wrapRaven(h http.Handler) http.Handler {
return http.HandlerFunc(raven.RecoveryHandler(h.ServeHTTP))
}
package main
import (
"net/http"
"os"
"gitlab.com/gitlab-org/gitlab-workhorse/internal/helper"
"github.com/getsentry/raven-go"
)
func wrapRaven(h http.Handler) http.Handler {
// Use a custom environment variable (not SENTRY_DSN) to prevent
// clashes with gitlab-rails.
sentryDSN := os.Getenv("GITLAB_WORKHORSE_SENTRY_DSN")
raven.SetDSN(sentryDSN) // sentryDSN may be empty
if sentryDSN == "" {
return h
}
raven.DefaultClient.SetRelease(Version)
return http.HandlerFunc(raven.RecoveryHandler(
func(w http.ResponseWriter, r *http.Request) {
defer func() {
if p := recover(); p != nil {
helper.CleanHeadersForRaven(r)
panic(p)
}
}()
h.ServeHTTP(w, r)
}))
}
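Review bot: In `wrapRaven` the result of `raven.SetDSN(sentryDSN)` is discarded, so a malformed `GITLAB_WORKHORSE_SENTRY_DSN` would presumably leave reporting disabled with nothing in the log, while the recovery wrapper is still installed. Something like `if err := raven.SetDSN(sentryDSN); err != nil { log.Printf("sentry: invalid DSN: %v", err) }` would surface it; this file would then need to import `log`. The redaction also depends on ordering: the inner deferred function must scrub the headers and re-panic before `raven.RecoveryHandler` recovers and builds its report. A short comment on the `defer` stating this would keep a later refactor from moving `helper.CleanHeadersForRaven(r)` out of the panic path.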